ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks toward web applications. It monitors the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do that - as an example, trying to log in to a script administration area without success many times triggers one rule, sending a request to execute a specific file that may result in accessing the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls available on the market and it will secure even scripts that aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Quite thorough data about each intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the standard logs provided by the Apache server, so you can later examine them and decide whether you need to take additional measures so as to boost the security of your script-driven websites.
ModSecurity in Shared Website Hosting
ModSecurity comes by default with all shared website hosting packages that we offer and it will be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites will include detailed info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are constantly updated and include both commercial ones that we get from a third-party security company and custom ones that our system administrators add in case that they detect a new sort of attacks. This way, the websites that you host here will be far more secure without any action needed on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer include ModSecurity and because the firewall is turned on by default, any site that you create under a domain or a subdomain shall be protected right away. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to stop and start the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all info inside a log as if it were completely active. The logs could be found inside the exact same section of the CP and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our machines are a mix between commercial ones from a security company and custom ones made by our system admins. Consequently, we offer greater security for your web apps as we can shield them from attacks before security firms release updates for new threats.
ModSecurity in VPS Servers
Safety is extremely important to us, so we set up ModSecurity on all VPS servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything personally. You'll also be able to deactivate it or turn on the so-called detection mode, so it'll keep a log of possible attacks that you can later analyze, but will not block them. The logs in both passive and active modes contain details regarding the type of the attack and how it was stopped, what IP address it originated from and other important info that might help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Besides the commercial rules that we get for ModSecurity from a third-party security enterprise, we also implement our own rules as once in a while we discover specific attacks which are not yet present within the commercial package. This way, we can improve the protection of your VPS immediately as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you won't have to do anything specific on your end to use it as it's switched on by default whenever you add a new domain or subdomain on your web server. In the event that it disrupts some of your programs, you shall be able to stop it through the respective area of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and shall still keep a log for them, but won't prevent them. You may look at the logs later to learn what you can do to improve the security of your Internet sites since you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules we use are commercial, thus they are regularly updated by a security company, but to be on the safe side, our admins also add custom rules occasionally as to react to any new threats they have identified.